Enforcement levels are a first class concept in Sentinel allowing pass/fail
behavior to be associated separately from the policy logic. This enables
any policy to be a warning, allow overrides, or be absolutely mandatory.
Because this level is not part of the policy body itself, different uses of
the same policy can have different enforcement levels.

Sentinel has three enforcement levels:

Advisory: The policy is allowed to fail. However, a warning should be
shown to the user or logged.

Soft Mandatory: The policy must pass unless an override is specified.
The semantics of "override" are specific to each Sentinel-enabled application.
The purpose of this level is to provide a level of privilege separation
for a behavior. Additionally, the override provides non-repudiation since
at least the primary actor was explicitly overriding a failed policy.

Hard Mandatory: The policy must pass no matter what. The only way to
override a hard mandatory policy is to explicitly remove the policy.
Hard mandatory is the default enforcement level. It should be used in
situations where an override is not possible.

Enforcement levels are configured when a policy is deployed to a
Sentinel-enabled application. The exact mechanism that the level is specified
is determined by each application. Please reference the documentation for
your Sentinel-enabled application for more information.

Enforcement levels are not configured and are not known by the policy body
itself. All policies should be written to describe exactly the behavior
they're attempting to control. For example, a policy that restricts deploys
to business hours should be written exactly like so. When that policy is
configured on an application, the operator may specify that it is advisory,
soft, or hard mandatory.